Black Box Veri-NAC
Strengths: Full dynamic access control and auditing of network devices
Weaknesses: Nothing that we found
Verdict: A solid suite of NAC products with a focus on keeping unauthorised users off the network. We give Veri-NAC our Recommended award
Black Box Veri-NAC provides agentless detection, alerting and blocking of attacks against a variety of network devices, including managed switches, VoIP phone ports and insecure wireless routers. It also protects against IP and MAC spoofing by trust lists. It uses a Dynamic Detection System that monitors for new network devices and audits them for vulnerabilities.
Setting up the appliance is almost plug and play. When it is linked into the network, it can grab an IP address via DHCP - or the address can be configured manually. After the IP has been assigned, all further configuration is done through the web-based GUI. Once we logged into the GUI, we ran the asset discovery tool, set up the alerts and turned on and configured the DDS. The configuration took a few minutes. The GUI itself has an organised layout that is easy to navigate.
Black Box offers various versions of the Veri-NAC, each designed for specific environments. The smallest version can protect one subnet and up to 20 devices and the largest can manage up to eight subnets and unlimited devices. The larger appliances also include Command Center functionality, which allows an administrator to remotely manage other Veri-NAC appliances across the network, or across the internet to branch offices.
Documentation includes a user guide on paper, as well as a password sheet and CD. There is also a PDF version of this guide on the documentation CD. The default password sheet provides the appliance default passwords and a short description of how to access the appliance through web GUI and console connections. All documentation has screenshots and configuration examples.
Black Box offers full phone and email support 24/7, 365 days a year, at no additional cost. Customers can also access an online resource centre, but do have to purchase updates for the CVE signature database annually, at ten per cent of purchase price.
At a price just shy of £1,000 for the smallest appliance, this product is good value for money. The Veri-NAC appliance provides full dynamic agentless control and vulnerability auditing of all network devices.